github.com/kobeld/docker@v1.12.0-rc1/docs/faq.md (about) 1 <!--[metadata]> 2 +++ 3 aliases = ["/engine/misc/faq/"] 4 title = "FAQ" 5 description = "Most frequently asked questions." 6 keywords = ["faq, questions, documentation, docker"] 7 [menu.main] 8 identifier="engine_faq" 9 parent = "engine_use" 10 weight = 80 11 +++ 12 <![end-metadata]--> 13 14 # Frequently Asked Questions (FAQ) 15 16 If you don't see your question here, feel free to submit new ones to 17 <docs@docker.com>. Or, you can fork [the 18 repo](https://github.com/docker/docker) and contribute them yourself by editing 19 the documentation sources. 20 21 22 ### How much does Engine cost? 23 24 Docker Engine is 100% free. It is open source, so you can use it without paying. 25 26 ### What open source license are you using? 27 28 We are using the Apache License Version 2.0, see it here: 29 [https://github.com/docker/docker/blob/master/LICENSE]( 30 https://github.com/docker/docker/blob/master/LICENSE) 31 32 ### Does Docker run on Mac OS X or Windows? 33 34 Docker Engine currently runs only on Linux, but you can use VirtualBox to run 35 Engine in a virtual machine on your box, and get the best of both worlds. Check 36 out the [*Mac OS X*](installation/mac.md) and [*Microsoft 37 Windows*](installation/windows.md) installation guides. The small Linux 38 distribution boot2docker can be set up using the Docker Machine tool to be run 39 inside virtual machines on these two operating systems. 40 41 >**Note:** if you are using a remote Docker Engine daemon on a VM through Docker 42 >Machine, then _do not_ type the `sudo` before the `docker` commands shown in 43 >the documentation's examples. 44 45 ### How do containers compare to virtual machines? 46 47 They are complementary. VMs are best used to allocate chunks of hardware 48 resources. Containers operate at the process level, which makes them very 49 lightweight and perfect as a unit of software delivery. 50 51 ### What does Docker technology add to just plain LXC? 52 53 Docker technology is not a replacement for LXC. "LXC" refers to capabilities of 54 the Linux kernel (specifically namespaces and control groups) which allow 55 sandboxing processes from one another, and controlling their resource 56 allocations. On top of this low-level foundation of kernel features, Docker 57 offers a high-level tool with several powerful functionalities: 58 59 - *Portable deployment across machines.* Docker defines a format for bundling 60 an application and all its dependencies into a single object which can be 61 transferred to any Docker-enabled machine, and executed there with the 62 guarantee that the execution environment exposed to the application will be the 63 same. LXC implements process sandboxing, which is an important pre-requisite 64 for portable deployment, but that alone is not enough for portable deployment. 65 If you sent me a copy of your application installed in a custom LXC 66 configuration, it would almost certainly not run on my machine the way it does 67 on yours, because it is tied to your machine's specific configuration: 68 networking, storage, logging, distro, etc. Docker defines an abstraction for 69 these machine-specific settings, so that the exact same Docker container can 70 run - unchanged - on many different machines, with many different 71 configurations. 72 73 - *Application-centric.* Docker is optimized for the deployment of 74 applications, as opposed to machines. This is reflected in its API, user 75 interface, design philosophy and documentation. By contrast, the `lxc` helper 76 scripts focus on containers as lightweight machines - basically servers that 77 boot faster and need less RAM. We think there's more to containers than just 78 that. 79 80 - *Automatic build.* Docker includes [*a tool for developers to automatically 81 assemble a container from their source 82 code*](reference/builder.md), with full control over application 83 dependencies, build tools, packaging etc. They are free to use `make`, `maven`, 84 `chef`, `puppet`, `salt,` Debian packages, RPMs, source tarballs, or any 85 combination of the above, regardless of the configuration of the machines. 86 87 - *Versioning.* Docker includes git-like capabilities for tracking successive 88 versions of a container, inspecting the diff between versions, committing new 89 versions, rolling back etc. The history also includes how a container was 90 assembled and by whom, so you get full traceability from the production server 91 all the way back to the upstream developer. Docker also implements incremental 92 uploads and downloads, similar to `git pull`, so new versions of a container 93 can be transferred by only sending diffs. 94 95 - *Component re-use.* Any container can be used as a [*"base image"*](reference/glossary.md#image) to create more specialized components. This can 96 be done manually or as part of an automated build. For example you can prepare 97 the ideal Python environment, and use it as a base for 10 different 98 applications. Your ideal PostgreSQL setup can be re-used for all your future 99 projects. And so on. 100 101 - *Sharing.* Docker has access to a public registry [on Docker Hub](https://hub.docker.com/) 102 where thousands of people have uploaded useful images: anything from Redis, 103 CouchDB, PostgreSQL to IRC bouncers to Rails app servers to Hadoop to base 104 images for various Linux distros. The 105 [*registry*](https://docs.docker.com/registry/) also 106 includes an official "standard library" of useful containers maintained by the 107 Docker team. The registry itself is open-source, so anyone can deploy their own 108 registry to store and transfer private containers, for internal server 109 deployments for example. 110 111 - *Tool ecosystem.* Docker defines an API for automating and customizing the 112 creation and deployment of containers. There are a huge number of tools 113 integrating with Docker to extend its capabilities. PaaS-like deployment 114 (Dokku, Deis, Flynn), multi-node orchestration (Maestro, Salt, Mesos, Openstack 115 Nova), management dashboards (docker-ui, Openstack Horizon, Shipyard), 116 configuration management (Chef, Puppet), continuous integration (Jenkins, 117 Strider, Travis), etc. Docker is rapidly establishing itself as the standard 118 for container-based tooling. 119 120 ### What is different between a Docker container and a VM? 121 122 There's a great StackOverflow answer [showing the differences]( 123 http://stackoverflow.com/questions/16047306/how-is-docker-io-different-from-a-normal-virtual-machine). 124 125 ### Do I lose my data when the container exits? 126 127 Not at all! Any data that your application writes to disk gets preserved in its 128 container until you explicitly delete the container. The file system for the 129 container persists even after the container halts. 130 131 ### How far do Docker containers scale? 132 133 Some of the largest server farms in the world today are based on containers. 134 Large web deployments like Google and Twitter, and platform providers such as 135 Heroku and dotCloud all run on container technology, at a scale of hundreds of 136 thousands or even millions of containers running in parallel. 137 138 ### How do I connect Docker containers? 139 140 Currently the recommended way to connect containers is via the Docker network feature. You can see details of how to [work with Docker networks here](userguide/networking/work-with-networks.md). 141 142 Also useful for more flexible service portability is the [Ambassador linking 143 pattern](admin/ambassador_pattern_linking.md). 144 145 ### How do I run more than one process in a Docker container? 146 147 Any capable process supervisor such as [http://supervisord.org/]( 148 http://supervisord.org/), runit, s6, or daemontools can do the trick. Docker 149 will start up the process management daemon which will then fork to run 150 additional processes. As long as the processor manager daemon continues to run, 151 the container will continue to as well. You can see a more substantial example 152 [that uses supervisord here](admin/using_supervisord.md). 153 154 ### What platforms does Docker run on? 155 156 Linux: 157 158 - Ubuntu 12.04, 13.04 et al 159 - Fedora 19/20+ 160 - RHEL 6.5+ 161 - CentOS 6+ 162 - Gentoo 163 - ArchLinux 164 - openSUSE 12.3+ 165 - CRUX 3.0+ 166 167 Cloud: 168 169 - Amazon EC2 170 - Google Compute Engine 171 - Microsoft Azure 172 - Rackspace 173 174 ### How do I report a security issue with Docker? 175 176 You can learn about the project's security policy 177 [here](https://www.docker.com/security/) and report security issues to this 178 [mailbox](mailto:security@docker.com). 179 180 ### Why do I need to sign my commits to Docker with the DCO? 181 182 Please read [our blog post]( 183 http://blog.docker.com/2014/01/docker-code-contributions-require-developer-certificate-of-origin/) on the introduction of the DCO. 184 185 ### When building an image, should I prefer system libraries or bundled ones? 186 187 *This is a summary of a discussion on the [docker-dev mailing list]( 188 https://groups.google.com/forum/#!topic/docker-dev/L2RBSPDu1L0).* 189 190 Virtually all programs depend on third-party libraries. Most frequently, they 191 will use dynamic linking and some kind of package dependency, so that when 192 multiple programs need the same library, it is installed only once. 193 194 Some programs, however, will bundle their third-party libraries, because they 195 rely on very specific versions of those libraries. For instance, Node.js bundles 196 OpenSSL; MongoDB bundles V8 and Boost (among others). 197 198 When creating a Docker image, is it better to use the bundled libraries, or 199 should you build those programs so that they use the default system libraries 200 instead? 201 202 The key point about system libraries is not about saving disk or memory space. 203 It is about security. All major distributions handle security seriously, by 204 having dedicated security teams, following up closely with published 205 vulnerabilities, and disclosing advisories themselves. (Look at the [Debian 206 Security Information](https://www.debian.org/security/) for an example of those 207 procedures.) Upstream developers, however, do not always implement similar 208 practices. 209 210 Before setting up a Docker image to compile a program from source, if you want 211 to use bundled libraries, you should check if the upstream authors provide a 212 convenient way to announce security vulnerabilities, and if they update their 213 bundled libraries in a timely manner. If they don't, you are exposing yourself 214 (and the users of your image) to security vulnerabilities. 215 216 Likewise, before using packages built by others, you should check if the 217 channels providing those packages implement similar security best practices. 218 Downloading and installing an "all-in-one" .deb or .rpm sounds great at first, 219 except if you have no way to figure out that it contains a copy of the OpenSSL 220 library vulnerable to the [Heartbleed](http://heartbleed.com/) bug. 221 222 ### Why is `DEBIAN_FRONTEND=noninteractive` discouraged in Dockerfiles? 223 224 When building Docker images on Debian and Ubuntu you may have seen errors like: 225 226 unable to initialize frontend: Dialog 227 228 These errors don't stop the image from being built but inform you that the 229 installation process tried to open a dialog box, but was unable to. Generally, 230 these errors are safe to ignore. 231 232 Some people circumvent these errors by changing the `DEBIAN_FRONTEND` 233 environment variable inside the Dockerfile using: 234 235 ENV DEBIAN_FRONTEND=noninteractive 236 237 This prevents the installer from opening dialog boxes during installation which 238 stops the errors. 239 240 While this may sound like a good idea, it *may* have side effects. The 241 `DEBIAN_FRONTEND` environment variable will be inherited by all images and 242 containers built from your image, effectively changing their behavior. People 243 using those images will run into problems when installing software 244 interactively, because installers will not show any dialog boxes. 245 246 Because of this, and because setting `DEBIAN_FRONTEND` to `noninteractive` is 247 mainly a 'cosmetic' change, we *discourage* changing it. 248 249 If you *really* need to change its setting, make sure to change it back to its 250 [default value](https://www.debian.org/releases/stable/i386/ch05s03.html.en) 251 afterwards. 252 253 ### Why do I get `Connection reset by peer` when making a request to a service running in a container? 254 255 Typically, this message is returned if the service is already bound to your 256 localhost. As a result, requests coming to the container from outside are 257 dropped. To correct this problem, change the service's configuration on your 258 localhost so that the service accepts requests from all IPs. If you aren't sure 259 how to do this, check the documentation for your OS. 260 261 ### Why do I get `Cannot connect to the Docker daemon. Is the docker daemon running on this host?` when using docker-machine? 262 263 This error points out that the docker client cannot connect to the virtual machine. 264 This means that either the virtual machine that works underneath `docker-machine` 265 is not running or that the client doesn't correctly point at it. 266 267 To verify that the docker machine is running you can use the `docker-machine ls` 268 command and start it with `docker-machine start` if needed. 269 270 $ docker-machine ls 271 NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS 272 default - virtualbox Stopped Unknown 273 274 $ docker-machine start default 275 276 You have to tell Docker to talk to that machine. You can do this with the 277 `docker-machine env` command. For example, 278 279 $ eval "$(docker-machine env default)" 280 $ docker ps 281 282 ### Where can I find more answers? 283 284 You can find more answers on: 285 286 287 - [Docker user mailinglist](https://groups.google.com/d/forum/docker-user) 288 - [Docker developer mailinglist](https://groups.google.com/d/forum/docker-dev) 289 - [IRC, docker on freenode](irc://chat.freenode.net#docker) 290 - [GitHub](https://github.com/docker/docker) 291 - [Ask questions on Stackoverflow](http://stackoverflow.com/search?q=docker) 292 - [Join the conversation on Twitter](http://twitter.com/docker) 293 294 Looking for something else to read? Checkout the [User Guide](userguide/index.md).